package com.pmes.utils;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.springframework.util.StringUtils;

import com.pmes.Constant;


public class SessionUtil {
	/**
     * 验证是否为有效的验证码
     * @return
     */
    public static boolean isVerCode(HttpServletRequest request, String code) {
    	HttpSession session = request.getSession(false);
    	String time=(String) session.getAttribute(Constant.Session_VER_CODE_TIME);
        if(!StringUtils.hasLength(time)) {
            return false;
        }
        String value=MessageDigestUtil.getMD5(time + "_" + code + "_" + Constant.Session_VER_CODE_SALT_KEY);
        String md5Code=(String) session.getAttribute(Constant.Session_VER_CODE);
        session.removeAttribute(Constant.Session_VER_CODE_TIME);
        session.removeAttribute(Constant.Session_VER_CODE);
        return value.equals(md5Code) && System.currentTimeMillis() - Long.parseLong(time) <= 3 * 60 * 1000;
    }
}
